squirrelwaffle | 96f82a0546c17c93491b1eb18c03891707f44353bf64c9118271bd40e6e5d7ac

General

Target

96f82a0546c17c93491b1eb18c03891707f44353bf64c9118271bd40e6e5d7ac.exe
Size

528KB
Sample

241123-q52k1swket
MD5

2932dab49222663e8e50e709a28aa485
SHA1

371d8713c2fd8e32ad6cf0e57dd49dc1ad5c601f
SHA256

96f82a0546c17c93491b1eb18c03891707f44353bf64c9118271bd40e6e5d7ac
SHA512

dd634f6321c03e1132bd9762867ce1536e0b2598f31c268a197376665a7bb5efa06f5f62a5dc4ecb2885a083aba113b60e9ba0c9a6dfe4c537b8fa5bea067415
SSDEEP

12288:snygddonnhXo7TDSfLLeSlDH7g+BppSH9K1XB7LenS1LrumKV/8q:0onhb1lDE+Bg9K99e+umKV/J

Score

10^/10

Malware Config

Extracted

Family

squirrelwaffle

C2

http://bostoncarservice.us/ttv8fU9U19

http://payparq-cloud-3513-01.com/bON7gU8BpvAU

http://luckysoxs.com/3FbCi7ej09p

http://payparq-cloud-8799-02.com/0yXFxtYs0Z

http://rjmholding.com/JKu3ByhTE

http://centroparquekrahmer.cl/iXIdCvMk5TD7

http://capaxion.cl/xigRVxm0X

http://bimcrea.cl/CRUKqDjn

http://payparq-cloud-8899-00.com/yeoXYV97

http://18pixels.org/mDZYHjiJi

http://e2eprocess.cl/EUsDZTqM

http://payparq.com/1DT7hrizVB

http://sammlerstore.pe/KKFuUiXVI5

Targets

- Target
  
  96f82a0546c17c93491b1eb18c03891707f44353bf64c9118271bd40e6e5d7ac.exe
- Size
  
  528KB
- MD5
  
  2932dab49222663e8e50e709a28aa485
- SHA1
  
  371d8713c2fd8e32ad6cf0e57dd49dc1ad5c601f
- SHA256
  
  96f82a0546c17c93491b1eb18c03891707f44353bf64c9118271bd40e6e5d7ac
- SHA512
  
  dd634f6321c03e1132bd9762867ce1536e0b2598f31c268a197376665a7bb5efa06f5f62a5dc4ecb2885a083aba113b60e9ba0c9a6dfe4c537b8fa5bea067415
- SSDEEP
  
  12288:snygddonnhXo7TDSfLLeSlDH7g+BppSH9K1XB7LenS1LrumKV/8q:0onhb1lDE+Bg9K99e+umKV/J
Score

10^/10

squirrelwaffle discovery downloader
- SquirrelWaffle is a simple downloader written in C++.
  SquirrelWaffle.
  downloader squirrelwaffle
- Squirrelwaffle family
  squirrelwaffle
- Squirrelwaffle payload
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

SquirrelWaffle is a simple downloader written in C++.

Squirrelwaffle family

Squirrelwaffle payload

Blocklisted process makes network request

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2